Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.40 views

Debian DLA-93-1 : libgcrypt11 security update

Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal encryption subkeys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side-channel attack see http://www.cs.tau.ac.il/tromer/handsoff/. This is fixed in Squeeze in version 1.4.5-2+squeeze...

2.1CVSS6.4AI score0.00531EPSS
Exploits0References4
OSV
OSV
added 2014/11/25 12:0 a.m.36 views

DLA-93-1 libgcrypt11 - security update

Bulletin has no description...

2.1CVSS5.8AI score0.00531EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.28 views

Debian DSA-3073-1 : libgcrypt11 - security update

Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal encryption subkeys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side-channel attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

2.1CVSS6.4AI score0.00531EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2014/06/25 10:0 a.m.35 views

CVE-2014-4617

The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence...

5CVSS6.5AI score0.03305EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/30 12:0 a.m.21 views

Debian DSA-2730-1 : gnupg - information leak

Yarom and Falkner discovered that RSA secret keys could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system. This update fixes this issue for the 1.4 series of GnuPG. GnuPG 2.x is affected through its use of the...

1.9CVSS5.6AI score0.00533EPSS
Exploits0References5
Debian
Debian
added 2013/07/29 6:50 p.m.20 views

[SECURITY] [DSA 2731-1] libgcrypt11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2731-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 29, 2013 http://www.debian.org/security/faq -...

1.9CVSS5.7AI score0.00533EPSS
Exploits0
NVD
NVD
added 2010/08/05 6:17 p.m.20 views

CVE-2010-2547

Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc...

8.1CVSS8.3AI score0.05342EPSS
Exploits0References18
Rows per page
Query Builder